<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
require_once BASE_PATH.'application/models/app_model.php';
/*
	Model: User
	

*/


class User_model extends APP_Model {

	protected $binding = 'user';

    function init() {
		$this->load->library('security');
		$this->load->library('form_validation');
		$this->load->helper('security');
		$this->load->database();
    }
	
	// validation functions
	
	function unique_email($email){
		$user = $this->find_by_email($email);
		if($user === false){
			return true;
		}else{
			return false;
		}
	}
	
	function matches($value, $match){
		if($value == $match){
			return true;	
		}else{
			return false;
		}
	}
	
	
	function add($user, $validate = true){
		// clean input
		$user = $this->security->xss_clean($user);
		// validate input
		if($validate){
			if($this->validate($user) === false){
				return false;
			}
		}
		// if no user type set, make them a user
		if( !isset($user['user_type_id']) ){
			$user['user_type_id'] = 1;
		}
		//encode password
		$user['password'] = do_hash($user['password']);
		$user = $this->prepare_to_save($user);
		$this->db->insert('users', $user);
		return true;
	}
	
	// FIND SINGLE AND MULTIPLE USERS
	function list_users($user_type = 0){
		if($user_type > 0){
			$this->db->from('users')->where('user_type_id', $user_type)->order_by('email', 'asc');
		}else{
			$this->db->from('users')->order_by('user_type_id', 'asc')->order_by('email', 'asc');
		}
		$q = $this->db->get();
		$users = array();
		foreach($q->result_array() as $row){
			$this->db->select('name')->from('user_types')->where('id', $row['user_type_id']);
			$q = $this->db->get();
			$type = $q->row_array();
			$users[$row['id']] = array(
				'email' => $row['email'],
				'type' => $type['name'],
				'first_name' => $row['first_name'],
				'last_name' => $row['last_name']
			);
		}
		return $users;
	}
	
	function list_admin_users(){
		return $this->list_users(2);
	}
	
	function list_standard_users(){
		return $this->list_users(1);
	}
	
	function list_user_types(){
		$this->db->from('user_types');
		$q = $this->db->get();
		$types = array();
		foreach($q->result_array() as $row){
			$types[] = $row;
		}
		return $types;
	}
	
	function find_by_id($id){
		$this->db->from('users')->where('id', $id);
		$q = $this->db->get();
		if($q->num_rows() > 0 ){
			$user = $q->row_array();
			unset($user['password']);
			return $user;
		}else{
			return false;
		}
	}
	
	function find_by_email($email){
		$this->db->from('users')->where('email', $email);
		$q = $this->db->get();
		if( $q->num_rows() == 0 ){
			return false;
		}else{
			$user = $q->row_array();
			unset($user['password']);
			$this->db->from('user_types')->where('id', $user['user_type_id']);
			$q2 = $this->db->get();
			$row2 = $q2->row_array();
			$user['type'] = $row2['name'];
			return $user;
		}
	}
	
	function find_by_reset_token($token){
		$this->db->from('users')->where('password_reset_token', $token);
		$q = $this->db->get();
		if( $q->num_rows() == 0 ){
			return false;
		}else{
			$user = $q->row_array();
			unset($user['password']);
			return $user;
		}
	}
	
	function get_password($id){
		$this->db->from('users')->where('id', $id);
		$q = $this->db->get();
		if( $q->num_rows() == 0 ){
			return false;
		}else{
			$user = $q->row_array();
			return $user['password'];
		}
	}
	
	// EDIT USER
	
	function change_email($id, $new_email){
		$this->db->where('id', $id)->set('email', $new_email);
		$this->db->update('users');
	}
	
	function change_user_type($id, $new_type_id){
		$user = $this->find_by_id($id);
		if($user['user_type_id'] == 2){
			$admins = $this->list_admin_users();
			if( count($admins) == 1 ){
				$this->error_message = "This will leave no admin users on system";
				return false;
			}
		}
		$this->db->where('id', $id)->set('user_type_id', $new_type_id);
		$this->db->update('users');
		return true;
	}
	
	function reset_password_request($email){
		$this->load->helper('string');
		$this->db->from('users')->where('email', $email)->limit(1);
		$q = $this->db->get();
		$row  = $q->row_array();
		$id = $row['id'];
		$time = time();
		$token = random_string('unique');
		$this->db->where('id', $id)->set('password_reset_token', $token)->set('password_reset_timestamp', $time);
		$this->db->update('users');
		return $token;
	}
	
	function reset_password($email, $token, $new_password){
		$user = $this->find_by_email($email);
		if($user === false){
			$this->validation_errors['password_reset'] = "Email not found";
			return false;
		}
		// token must be valid and issued within the last 24 hours...
		$now = time();
		$maxtime = (24*60)*60;
		if($token != $user['password_reset_token']){
			$this->error_message = "Token does not match";
			return false;
		}elseif( ($now - $user['password_reset_timestamp']) > $maxtime ){
			$this->error_message = "Token out of date";
			return false;
		}else{
			//update user
			$user_fields = array(
				'password' => do_hash($new_password),
				'password_reset_token' => '',
				'password_reset_timestamp' => ''
			);
			$this->db->where('id', $user['id']);
			$this->db->update('users', $user_fields);
			return true;		
		}
	}
	
	function delete($id){
		$user = $this->find_by_id($id);
		if( $user === false ){
			$this->error_message = "User not found";
			return false;
		}
		$admins = $this->list_admin_users();
		if($user['user_type_id'] == 2 && count($admins) == 1){
			$this->error_message = "Cannot delete last admin user";
			return false;
		}else{
			$this->db->delete('users', array('id' => $id));
			return true;
		}
	}
	
	
	
	
	
}
?>